[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-claude-code-source-map-leak-51w-lines-en":3,"tags-claude-code-source-map-leak-51w-lines-en":30,"related-lang-claude-code-source-map-leak-51w-lines-en":41,"related-posts-claude-code-source-map-leak-51w-lines-en":45,"series-tools-de197745-7ee4-4b70-b33a-797c7c5f9a76":82},{"id":4,"title":5,"content":6,"summary":7,"source":8,"source_url":9,"author":10,"image_url":11,"keywords":12,"language":18,"translated_content":10,"views":19,"is_premium":20,"created_at":21,"updated_at":21,"cover_image":11,"published_at":22,"rewrite_status":23,"rewrite_error":10,"rewritten_from_id":24,"slug":25,"category":26,"related_article_id":27,"status":28,"google_indexed_at":29,"x_posted_at":10,"tweet_text":10,"title_rewritten_at":10,"title_original":10,"key_takeaways":10,"topic_cluster_id":10,"embedding":10,"is_canonical_seed":20},"de197745-7ee4-4b70-b33a-797c7c5f9a76","Claude Code source leak: 510,000 lines of code exposed","\u003Cp>In the early hours of March 31, 2026, security researcher \u003Ca href=\"https:\u002F\u002Fx.com\u002FFried_rice\" target=\"_blank\" rel=\"noopener\">Chaofan Shou\u003C\u002Fa> found that the official npm package published by \u003Ca href=\"https:\u002F\u002Fwww.anthropic.com\" target=\"_blank\" rel=\"noopener\">Anthropic\u003C\u002Fa> shipped with a usable Source Map. Within a few hours the complete TypeScript source of \u003Ca href=\"https:\u002F\u002Fwww.anthropic.com\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">Claude Code\u003C\u002Fa> v2.1.88 had been reconstructed: roughly 510,000 lines spread across more than 1,900 files.\u003C\u002Fp>\u003Cp>What made this more than a passing story is not that “the source got seen” but that it happened to an AI product built around developer workflows. \u003Ca href=\"\u002Fnews\u002Fclaude-code-leak-vidar-malware-github-en\">Claude Code\u003C\u002Fa> sells itself as the tool that writes, edits and reads your code, and its own code was taken apart in exactly the same way.\u003C\u002Fp>\u003Cp>If you think of Source Maps only as front-end debugging files, this incident is a reminder: once a single link in the build, release or access-control chain is loose, source, comments, directory structure and internal module names can all walk out together.\u003C\u002Fp>\u003Ch2>What actually leaked\u003C\u002Fh2>\u003Cp>From public information, the core of the leak was neither model weights nor user data but the TypeScript source of the \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanthropics\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">Claude Code\u003C\u002Fa> client. To outsiders that is worth a great deal, because it shows directly how the product draws its capability boundaries, how it invokes local tools and how it makes permission decisions.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775185440258-f9n2.png\" alt=\"Claude Code source leak: 510,000 lines of code exposed\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>For security researchers and competing teams this kind of code is far more useful than a marketing page. You can see the real error handling, command invocation, context assembly, logging hooks and patch logic, and even where the team made trade-offs.\u003C\u002Fp>\u003Cul>\u003Cli>Leaked version: Claude Code v2.1.88\u003C\u002Fli>\u003Cli>Code size: about 510,000 lines\u003C\u002Fli>\u003Cli>File count: 1,900+\u003C\u002Fli>\u003Cli>Entry point: the Source Map shipped in the npm package\u003C\u002Fli>\u003C\u002Ful>\u003Cp>Source Maps exist to debug minified front-end code, but many teams ship them with the release. A v3 map records where every position in the generated file came from in the original sources, and when it carries a sourcesContent field it embeds those original files verbatim. Unless the configuration is tightened, a browser, a proxy or simply the public package contents is enough to stitch the original source back together.\u003C\u002Fp>\u003Cp>That is why incidents like this are so unsettling: they are usually not a difficult “break into the server” operation but a release detail that slipped out of control.\u003C\u002Fp>\u003Ch2>Why a Source Map becomes the entry point\u003C\u002Fh2>\u003Cp>The mechanism is not complicated. Alongside the bundled or minified code, the build keeps a mapping file that relates positions in the compressed output back to the original source. It is convenient during development and a real time-saver when debugging, but once deployed without strict access restrictions it exposes a great deal that was never meant to be public.\u003C\u002Fp>\u003Cp>In AI tooling this risk is amplified. Such products typically combine local command execution, file reads and writes, context management, permission prompts and remote API calls; once the code is fully reconstructed, outsiders can tell far more easily where its security boundaries are drawn.\u003C\u002Fp>\u003Cp>The incident also shows an old problem: many teams underestimate the gap between “the source is public” and “the product works”. That the features run does not mean debug assets belong in the release artifact; that the tests pass does not mean the published package may carry enough clues to rebuild the internals.\u003C\u002Fp>\u003Cblockquote>“Security is a process, not a product.” — Bruce Schneier\u003C\u002Fblockquote>\u003Cp>The line is old but still accurate. A leak is not automatically a disaster; the real danger is a team treating small lapses in the release pipeline as low-risk items until, in the open, they join into a complete attack surface.\u003C\u002Fp>\u003Ch2>How this differs from other source leaks\u003C\u002Fh2>\u003Cp>Source leaks are nothing new; browser extensions, mobile apps and Electron clients have all had similar problems. What sets \u003Ca href=\"\u002Fnews\u002Fclaude-code-leak-reveals-hidden-features-en\">Claude Code\u003C\u002Fa> apart is that it is not a fringe tool but an AI coding product aimed squarely at developers' daily work. When its implementation details come out, the damage goes beyond brand image to how outsiders judge its security design.\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775185436050-ugm9.png\" alt=\"Claude Code source leak: 510,000 lines of code exposed\" class=\"rounded-xl w-full\" loading=\"lazy\" 
\u002F>\u003C\u002Ffigure>\n\u003Cp>Then there is scale. 510,000 lines and 1,900+ files are no longer a “rough impression” but enough for system-level analysis. Compared with incidents that expose only a few bundles or a single page, this one laid the whole engineering structure out on the table.\u003C\u002Fp>\u003Cul>\u003Cli>Ordinary web leak: usually a few JS bundles plus their mapping files\u003C\u002Fli>\u003Cli>Desktop client leak: common in Electron packages, exposes more local logic\u003C\u002Fli>\u003Cli>AI coding tool leak: exposes core implementation such as command execution, permission prompts and context handling\u003C\u002Fli>\u003Cli>This case: 510,000 lines of source in 1,900+ files, far denser information\u003C\u002Fli>\u003C\u002Ful>\u003Cp>It also shapes how outsiders judge Anthropic's engineering process. Claude Code is pitched as helping developers write code faster, yet its own release pipeline showed textbook packaging and distribution risk; the contrast is hard to miss.\u003C\u002Fp>\u003Cp>For competitors the leak is a low-cost product teardown. For security practitioners it is a live textbook: if your distributed package still carries reversible debug information, sooner or later someone will dig it out.\u003C\u002Fp>\u003Ch2>What development teams should learn\u003C\u002Fh2>\u003Cp>The most direct lesson: a pre-release checklist cannot stop at feature items; it must also ask whether debug assets, mapping files, symbol tables and internal logs are being packaged along. Many incidents are not caused by wrong code but by a delivery process that assumes “nobody will look at these files”.\u003C\u002Fp>\u003Cp>The second lesson is least privilege. Even if a Source Map does get published, it should not carry the complete original sources or spell out the internal directory structure. The more a product targets developers, the easier it is to assume “the users are technical”, but that is no licence to relax release constraints.\u003C\u002Fp>\u003Cp>The third lesson is more practical: AI tools are becoming high-value targets. They touch code, credentials, terminals and cloud endpoints, and any leaked implementation detail can be used for reverse engineering, auditing or building a more precise attack chain.\u003C\u002Fp>\u003Cul>\u003Cli>Disable public access to production Source Maps before going live\u003C\u002Fli>\u003Cli>Strip debug files from the release artifact\u003C\u002Fli>\u003Cli>Check every distribution channel: npm, PyPI, container images\u003C\u002Fli>\u003Cli>Audit the local execution permissions of AI tools separately\u003C\u002Fli>\u003C\u002Ful>\u003Cp>If you build a similar product, this incident is a reason to reread your CI\u002FCD configuration now. Many companies spend heavily on preventing model jailbreaks yet forget to first look through their own release package.\u003C\u002Fp>\u003Cp>If you are an ordinary developer it is just as relevant: when you enable Source Maps in a project, upload sourcemaps to a third-party service or push a debug build to a test environment, assume by default that one day they will turn up in public view.\u003C\u002Fp>\u003Ch2>Conclusion: not gossip, a release-engineering alarm\u003C\u002Fh2>\u003Cp>On the surface the Claude Code leak is an information disclosure; in substance it is a release-engineering mistake magnified in public. The question Anthropic most needs to answer is not “what do we do now that the source has been seen” but “why did an artifact this easy to reverse end up in a public distribution channel”.\u003C\u002Fp>\u003Cp>What matters next is not gawking at the code but whether Anthropic changes its release strategy, locks down Source Maps and revisits packaging standards for AI clients. For everyone building front-end, desktop or AI tools, the incident converts directly into a checklist item: how much is still in your published package that should never have been downloadable?\u003C\u002Fp>\u003Cp>If you are not sure of the answer yourself, go check now.\u003C\u002Fp>","Anthropic's Claude Code v2.1.88 source was exposed through a Source Map 
shipped in the npm package; about 510,000 lines across 1,900+ files were downloaded, and security details came out with them.","www.zhihu.com","https:\u002F\u002Fwww.zhihu.com\u002Fquestion\u002F2022394365436248248",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1775185440258-f9n2.png",[13,14,15,16,17],"Anthropic","Claude Code","Source Map","源码泄露","AI tools","en",0,false,"2026-04-03T03:03:37.831788+00:00","2026-04-03T03:03:37.799+00:00","done","ce0a140e-9c8a-4fc3-8926-e548039bd594","claude-code-source-map-leak-51w-lines-en","tools","507dbb52-7633-4a01-a73b-14abab4a2201","published","2026-04-07T07:41:12.028+00:00",[31,33,35,38,40],{"name":14,"slug":32},"claude-code",{"name":13,"slug":34},"anthropic",{"name":36,"slug":37},"source map","source-map",{"name":17,"slug":39},"ai工具",{"name":16,"slug":16},{"id":27,"slug":42,"title":43,"language":44},"claude-code-source-map-leak-51w-lines-zh","Claude Code source leak: 510,000 lines exposed","zh",[46,52,58,64,70,76],{"id":47,"slug":48,"title":49,"cover_image":50,"image_url":50,"created_at":51,"category":26},"a6c1d84d-0d9c-4a5a-9ca0-960fbfc1412e","why-gemini-api-pricing-is-cheaper-than-it-looks-en","Why Gemini API pricing is cheaper than it looks","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778869846824-s2r1.png","2026-05-15T18:30:26.595941+00:00",{"id":53,"slug":54,"title":55,"cover_image":56,"image_url":56,"created_at":57,"category":26},"8b02abfa-eb16-4853-8b15-63d302c7b587","why-vidhub-huiyuan-hutong-bushi-quan-shebei-tongyong-en","Why VidHub membership sharing is not “buy once, use on every device”","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778789439875-uceq.png","2026-05-14T20:10:26.046635+00:00",{"id":59,"slug":60,"title":61,"cover_image":62,"image_url":62,"created_at":63,"category":26},"abe54a57-7461-4659-b2a0-99918dfd2a33","why-buns-zig-to-rust-experiment-is-right-en","Why Bun’s Zig-to-Rust experiment is the right 
move","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778767895201-5745.png","2026-05-14T14:10:29.298057+00:00",{"id":65,"slug":66,"title":67,"cover_image":68,"image_url":68,"created_at":69,"category":26},"f0015918-251b-43d7-95af-032d2139f3f6","why-openai-api-pricing-is-product-strategy-en","Why OpenAI API pricing is a product strategy, not a footnote","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778749841805-uyhg.png","2026-05-14T09:10:27.921211+00:00",{"id":71,"slug":72,"title":73,"cover_image":74,"image_url":74,"created_at":75,"category":26},"7096dab0-6d27-42d9-b951-7545a5dddf33","why-claude-code-prompt-design-beats-ide-copilots-en","Why Claude Code’s prompt design beats IDE copilots","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778742651754-3kxk.png","2026-05-14T07:10:30.953808+00:00",{"id":77,"slug":78,"title":79,"cover_image":80,"image_url":80,"created_at":81,"category":26},"1f1bff1e-0ebc-4fa7-a078-64dc4b552548","why-databricks-model-serving-is-right-default-en","Why Databricks Model Serving is the right default for production infe…","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778692290314-gopj.png","2026-05-13T17:10:32.167576+00:00",[83,88,93,98,103,108,113,118,123,128],{"id":84,"slug":85,"title":86,"created_at":87},"8008f1a9-7a00-4bad-88c9-3eedc9c6b4b1","surepath-ai-mcp-policy-controls-en","SurePath AI's New MCP Policy Controls Enhance AI Security","2026-03-26T01:26:52.222015+00:00",{"id":89,"slug":90,"title":91,"created_at":92},"27e39a8f-b65d-4f7b-a875-859e2b210156","mcp-standard-ai-tools-2026-en","MCP Standard in 2026: Integrating AI 
Tools","2026-03-26T01:27:43.127519+00:00",{"id":94,"slug":95,"title":96,"created_at":97},"165f9a19-c92d-46ba-b3f0-7125f662921d","rag-2026-transforming-enterprise-ai-en","How RAG in 2026 is Transforming Enterprise AI","2026-03-26T01:28:11.485236+00:00",{"id":99,"slug":100,"title":101,"created_at":102},"6a2a8e6e-b956-49d8-be12-cc47bdc132b2","mastering-ai-prompts-2026-guide-en","Mastering AI Prompts: A 2026 Guide for Developers","2026-03-26T01:29:07.835148+00:00",{"id":104,"slug":105,"title":106,"created_at":107},"d6653030-ee6d-4043-898d-d2de0388545b","evolving-world-prompt-engineering-en","The Evolving World of Prompt Engineering","2026-03-26T01:29:42.061205+00:00",{"id":109,"slug":110,"title":111,"created_at":112},"3ab2c67e-4664-4c67-a013-687a2f605814","garry-tan-open-sources-claude-code-toolkit-en","Garry Tan Open-Sources a Claude Code Toolkit","2026-03-26T08:26:20.245934+00:00",{"id":114,"slug":115,"title":116,"created_at":117},"66a7cbf8-7e76-41d4-9bbf-eaca9761bf69","github-ai-projects-to-watch-in-2026-en","20 GitHub AI Projects to Watch in 2026","2026-03-26T08:28:09.752027+00:00",{"id":119,"slug":120,"title":121,"created_at":122},"231306b3-1594-45b2-af81-bb80e41182f2","claude-code-vs-cursor-2026-en","Claude Code vs Cursor in 2026","2026-03-26T13:27:14.177468+00:00",{"id":124,"slug":125,"title":126,"created_at":127},"9f332fda-eace-448a-a292-2283951eee71","practical-github-guide-learning-ml-2026-en","A Practical GitHub Guide to Learning ML in 2026","2026-03-27T01:16:50.125678+00:00",{"id":129,"slug":130,"title":131,"created_at":132},"1b1f637d-0f4d-42bd-974b-07b53829144d","aiml-2026-student-ai-ml-lab-repo-review-en","AIML-2026 Is a Bare-Bones Student Lab Repo","2026-03-27T01:21:51.661231+00:00"]
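Added example for the Source Map mechanism and the pre-publish check discussed in the article above. This is editor-supplied code, not code from the article and not Anthropic's Claude Code. It assumes a package laid out as `dist/*.js` with `.map` files beside the bundles; the `demoPackage` contents, file names, `sourceRoot` and the `internal/telemetry.ts` path are constructed for the demo. `recoverSources()` shows what a reader of the published tarball can rebuild from shipped maps (the researcher's side of the incident); `auditPackage()` is the check a publish step would run over the same file list (the defender's side), covering external maps, inline `data:` maps, maps that omit `sourcesContent`, and a dangling `sourceMappingURL` comment.

```javascript
"use strict";
// Added example, not code from the article or from Anthropic's Claude Code.
//   recoverSources()  - what a reader of the published npm tarball can rebuild from shipped maps
//   auditPackage()    - the pre-publish check that would have flagged those files
// Everything in demoPackage (file names, sourceRoot, contents) is constructed for this demo.

// Bundlers append one of these comments to each emitted JS file.
const MAP_URL_RE =
  /\/\/[#@]\s*sourceMappingURL=(\S+)|\/\*[#@]\s*sourceMappingURL=(\S+?)\s*\*\//g;
const JS_FILE_RE = /\.[cm]?js$/;

function findSourceMappingUrls(code) {
  return Array.from(code.matchAll(MAP_URL_RE), (m) => m[1] ?? m[2]);
}

// Accepts a .map file body or an inline "data:application/json;base64,..." URL.
// Returns [{ path, content }]; content is null when the map omits sourcesContent.
function parseSourceMap(text) {
  if (text.startsWith("data:")) {
    const comma = text.indexOf(",");
    const payload = text.slice(comma + 1);
    text = text.slice(0, comma).includes("base64")
      ? Buffer.from(payload, "base64").toString("utf8")
      : decodeURIComponent(payload);
  }
  const map = JSON.parse(text);
  if (map.version !== 3 || !Array.isArray(map.sources)) throw new Error("not a v3 source map");
  const root = map.sourceRoot || "";
  return map.sources.map((src, i) => ({
    path: root + src,
    content: Array.isArray(map.sourcesContent) ? map.sourcesContent[i] ?? null : null,
  }));
}

// Every source map actually shipped: external .map files and inline data: URLs in JS files.
// Yields [fileName, entries] or [fileName, Error] when a map does not parse.
function* shippedSourceMaps(files) {
  for (const [name, body] of files) {
    const candidates = name.endsWith(".map")
      ? [body]
      : JS_FILE_RE.test(name)
        ? findSourceMappingUrls(body).filter((u) => u.startsWith("data:"))
        : [];
    for (const candidate of candidates) {
      let parsed;
      try { parsed = parseSourceMap(candidate); } catch (err) { parsed = err; }
      yield [name, parsed];
    }
  }
}

// Researcher view: rebuild the original tree (path -> source) from whatever maps were published.
function recoverSources(files) {
  const recovered = new Map();
  for (const [, entries] of shippedSourceMaps(files)) {
    if (entries instanceof Error) continue;
    for (const e of entries) if (e.content !== null) recovered.set(e.path, e.content);
  }
  return recovered;
}

// Defender view: findings sorted high > medium > low. Feed it the file list of the tarball
// you are about to publish (for npm, what `npm pack --dry-run --json` reports).
function auditPackage(files) {
  const rank = { high: 0, medium: 1, low: 2 };
  const findings = [];
  for (const [name, entries] of shippedSourceMaps(files)) {
    if (entries instanceof Error) {
      findings.push({ severity: "low", file: name, detail: `unparseable map: ${entries.message}` });
      continue;
    }
    const withSource = entries.filter((e) => e.content !== null).length;
    findings.push(withSource > 0
      ? { severity: "high", file: name, detail: `embeds original source for ${withSource} file(s)` }
      : { severity: "medium", file: name, detail: `reveals ${entries.length} original path(s): ${entries.map((e) => e.path).join(", ")}` });
  }
  // A comment whose .map was removed still tells readers a map exists and may be hosted elsewhere.
  for (const [name, body] of files) {
    if (!JS_FILE_RE.test(name)) continue;
    const dir = name.includes("/") ? name.slice(0, name.lastIndexOf("/") + 1) : "";
    for (const url of findSourceMappingUrls(body)) {
      if (!url.startsWith("data:") && !files.has(dir + url)) {
        findings.push({ severity: "low", file: name, detail: `sourceMappingURL points at ${dir + url}, which is not in the package` });
      }
    }
  }
  return findings.sort((a, b) => rank[a.severity] - rank[b.severity]);
}

// Constructed demo package, shaped like a bundled TypeScript CLI.
const inlineMapNoContent = Buffer.from(JSON.stringify(
  { version: 3, sources: ["internal/telemetry.ts"], names: [], mappings: "AAAA" },
)).toString("base64");

const demoPackage = new Map([
  ["package.json", JSON.stringify({ name: "demo-cli", version: "1.0.0", main: "dist/cli.js" })],
  // The leak case: minified output plus an external map carrying the original TypeScript verbatim.
  ["dist/cli.js", "var a=1;console.log(a);\n//# sourceMappingURL=cli.js.map\n"],
  ["dist/cli.js.map", JSON.stringify({
    version: 3, file: "cli.js", sourceRoot: "../src/",
    sources: ["cli.ts", "permissions/check.ts"], names: [], mappings: "AAAA,SAAS",
    sourcesContent: ["const a: number = 1;\nconsole.log(a);\n",
      "export const allow = (cmd: string) => cmd !== 'rm';\n"],
  })],
  // Inline map without sourcesContent: no code leaks, but the internal path does.
  ["dist/vendor.js", `var v=2;\n//# sourceMappingURL=data:application/json;base64,${inlineMapNoContent}\n`],
  // Map deleted from the package but the comment survived.
  ["dist/util.js", "export const x=1;\n//# sourceMappingURL=util.js.map\n"],
]);

for (const [p, src] of recoverSources(demoPackage)) console.log(`recovered ${p} (${src.length} bytes)`);
for (const f of auditPackage(demoPackage)) console.log(`[${f.severity}] ${f.file}: ${f.detail}`);
```

Wire `auditPackage` into a `prepublishOnly` script that fails the publish on any high finding. The scan keys on the `.map` files themselves rather than on the comment, so a build that uses esbuild's `sourcemap: 'external'` (map emitted, `sourceMappingURL` comment omitted) is still caught if the map lands in the tarball. The medium finding is the reason stripping `sourcesContent` alone is not enough: the remaining `sources` paths still draw the internal directory tree the article warns about.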